package com.olive.config;

import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.context.annotation.Configuration;
import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
import org.springframework.security.core.userdetails.User;
import org.springframework.security.core.userdetails.UserDetails;
import org.springframework.security.crypto.password.NoOpPasswordEncoder;
import org.springframework.security.provisioning.InMemoryUserDetailsManager;

@Configuration
public class ProjectConfig extends WebSecurityConfigurerAdapter{
	
	@Autowired
    private CustomAuthenticationProvider authenticationProvider;

//    @Bean
//    public UserDetailsService userDetailsService(){
//        InMemoryUserDetailsManager userDetailsService = new InMemoryUserDetailsManager();
//        //User类用于创建代表用户的对象的构造器实现，该类由SpringSecurity提供，并非我们自己创建
//        UserDetails user = User.withUsername("olive")
//                .password("123456")
//                .authorities("read")
//                .build();
//        userDetailsService.createUser(user);
//        return userDetailsService;
//    }
//    
//    @Bean
//    public PasswordEncoder passwordEncoder(){
//        return NoOpPasswordEncoder.getInstance();
//    }
    
//	@Override
//    protected void configure(AuthenticationManagerBuilder auth) throws Exception {
//        //声明UserDetailsService,以便将用户存储在内存中
//        InMemoryUserDetailsManager userDetailsService = new InMemoryUserDetailsManager();
//        //定义具有所有详情的用户
//        UserDetails user = User.withUsername("olive")
//                .password("123456")
//                .authorities("read")
//                .build();
//        //添加该用户以便让UserDetailsService对其进行管理
//        userDetailsService.createUser(user);
//        auth.userDetailsService(userDetailsService)
//                .passwordEncoder(NoOpPasswordEncoder.getInstance());
//    }
	
	@Override
    protected void configure(AuthenticationManagerBuilder auth) throws Exception {
		auth.authenticationProvider(authenticationProvider);
    }
	
    @Override
    protected void configure(HttpSecurity http) throws Exception {
        http.httpBasic();
        http.authorizeRequests()
                .anyRequest()
                .authenticated(); //所有请求都需要身份验证
        
//        http.httpBasic();
//        http.authorizeRequests()
//                .anyRequest().permitAll(); //所有请求都不需要身份验证
    }
}

